{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-49796","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2025-06-10T22:17:05.287Z","datePublished":"2025-06-16T15:14:28.251Z","dateUpdated":"2026-05-12T12:08:17.126Z"},"containers":{"cna":{"title":"Libxml: type confusion leads to denial of service (dos)","metrics":[{"other":{"content":{"value":"Important","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.1,"baseSeverity":"CRITICAL","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."}],"affected":[{"versions":[{"status":"affected","version":"0","lessThan":"2.15.0","versionType":"semver"}],"packageName":"libxml2","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","defaultStatus":"unaffected"},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.1-6.el7_9.10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux:8::baseos","cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:enterprise_linux:8::baseos","cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-9.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_aus:8.2::baseos","cpe:/a:redhat:rhel_aus:8.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/o:redhat:rhel_tus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/o:redhat:rhel_tus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/o:redhat:rhel_tus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos","cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos","cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.13-1.el9_0.5","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/o:redhat:rhel_e4s:9.0::baseos","cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.13-3.el9_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"affected","versions":[{"version":"0:2.9.13-10.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","defaultStatus":"unaffected","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"412.86.202510291903-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.12::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"413.92.202510150118-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.13::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"414.92.202510211419-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.14::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"417.94.202510112152-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.17::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"418.94.202510230424-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.18::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"4.19.9.6.202510140714-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.19::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","defaultStatus":"affected","versions":[{"version":"4.20.9.6.202509251656-0","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift:4.20::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","defaultStatus":"affected","versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:webterminal:1.11::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","defaultStatus":"affected","versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:webterminal:1.11::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","defaultStatus":"affected","versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:webterminal:1.12::el9"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","defaultStatus":"affected","versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","defaultStatus":"affected","versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","defaultStatus":"affected","versions":[{"version":"sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:cert_manager:1.16::el9"]},{"vendor":"Red Hat","product":"File Integrity Operator 1","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","defaultStatus":"affected","versions":[{"version":"sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","defaultStatus":"affected","versions":[{"version":"sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","defaultStatus":"affected","versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","defaultStatus":"affected","versions":[{"version":"sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","name":"RHSA-2025:10630","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:10698","name":"RHSA-2025:10698","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:10699","name":"RHSA-2025:10699","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:11580","name":"RHSA-2025:11580","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12098","name":"RHSA-2025:12098","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12099","name":"RHSA-2025:12099","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12199","name":"RHSA-2025:12199","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12237","name":"RHSA-2025:12237","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12239","name":"RHSA-2025:12239","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12240","name":"RHSA-2025:12240","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:12241","name":"RHSA-2025:12241","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:13267","name":"RHSA-2025:13267","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","name":"RHSA-2025:13335","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:15397","name":"RHSA-2025:15397","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","name":"RHSA-2025:15827","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","name":"RHSA-2025:15828","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:18217","name":"RHSA-2025:18217","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:18218","name":"RHSA-2025:18218","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","name":"RHSA-2025:18219","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:18240","name":"RHSA-2025:18240","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","name":"RHSA-2025:19020","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:19041","name":"RHSA-2025:19041","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:19046","name":"RHSA-2025:19046","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:19894","name":"RHSA-2025:19894","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","name":"RHSA-2025:21913","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","name":"RHSA-2026:0934","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","name":"RHSA-2026:7519","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2025-49796","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372385","name":"RHBZ#2372385","tags":["issue-tracking","x_refsource_REDHAT"]},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"}],"datePublic":"2025-06-11T00:00:00.000Z","problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"Out-of-bounds Read","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-125: Out-of-bounds Read","workarounds":[{"lang":"en","value":"There's no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library."}],"timeline":[{"lang":"en","time":"2025-06-12T00:35:26.470Z","value":"Reported to Red Hat."},{"lang":"en","time":"2025-06-11T00:00:00.000Z","value":"Made public."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2026-04-19T19:34:58.936Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-06-16T15:32:55.790163Z","id":"CVE-2025-49796","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-16T15:33:08.296Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:05:26.711Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:08:17.126Z"},"affected":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","versions":[{"status":"affected","version":"0","lessThan":"V2.17.1","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html"}]}]}}